package com.sun.xml.wss.core;

import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.core.reference.DirectReference;
import com.sun.xml.wss.core.reference.EncryptedKeySHA1Identifier;
import com.sun.xml.wss.core.reference.KeyIdentifier;
import com.sun.xml.wss.core.reference.SamlKeyIdentifier;
import com.sun.xml.wss.core.reference.X509IssuerSerial;
import com.sun.xml.wss.core.reference.X509SubjectKeyIdentifier;
import com.sun.xml.wss.core.reference.X509ThumbPrintIdentifier;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.SecurableSoapMessage;
import com.sun.xml.wss.impl.XMLUtil;
import com.sun.xml.wss.impl.config.ConfigurationConstants;
import com.sun.xml.wss.impl.misc.SecurityHeaderBlockImpl;
import jakarta.xml.soap.Node;
import jakarta.xml.soap.SOAPElement;
import jakarta.xml.soap.SOAPException;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javanet.staxutils.Indentation;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:com/sun/xml/wss/core/SecurityTokenReference.class */
public class SecurityTokenReference extends SecurityHeaderBlockImpl implements com.sun.xml.ws.security.SecurityTokenReference {
    private ReferenceElement refElement;
    private Element samlAuthorityBinding;
    protected static final Logger log = Logger.getLogger("javax.enterprise.resource.xml.webservices.security", "com.sun.xml.wss.logging.LogStrings");
    private static final String authorityBinding = "AuthorityBinding".intern();

    public SecurityTokenReference() throws XWSSecurityException {
        try {
            setSOAPElement(getSoapFactory().createElement("SecurityTokenReference", MessageConstants.WSSE_PREFIX, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"));
            addNamespaceDeclaration(MessageConstants.WSSE_PREFIX, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
        } catch (SOAPException e) {
            log.log(Level.SEVERE, "WSS0377.error.creating.str", e.getMessage());
            throw new XWSSecurityException((Throwable) e);
        }
    }

    public SecurityTokenReference(Document document) throws XWSSecurityException {
        try {
            setSOAPElement((SOAPElement) document.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", MessageConstants.WSSE_SECURITY_TOKEN_REFERENCE_QNAME));
            addNamespaceDeclaration(MessageConstants.WSSE_PREFIX, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0378.error.creating.str", e.getMessage());
            throw new XWSSecurityException(e);
        }
    }

    public SecurityTokenReference(SOAPElement sOAPElement, boolean z) throws XWSSecurityException {
        super(sOAPElement);
        if (!sOAPElement.getLocalName().equals("SecurityTokenReference") || !XMLUtil.inWsseNS(sOAPElement)) {
            log.log(Level.SEVERE, "WSS0379.error.creating.str", sOAPElement.getTagName());
            throw new XWSSecurityException("Invalid tokenRef passed");
        }
        isBSP(z);
        Iterator childElements = getChildElements();
        if (!childElements.hasNext()) {
            throw new XWSSecurityException("Error: A SECURITY_TOKEN_REFERENCE with No child elements encountered");
        }
        int i = 0;
        while (childElements.hasNext()) {
            if (z && i > 1) {
                throw new XWSSecurityException("Violation of BSP R3061:  A SECURITY_TOKEN_REFERENCE MUST have exactly one child element");
            }
            Element element = (Node) childElements.next();
            if (element == null) {
                log.log(Level.SEVERE, "WSS0379.error.creating.str");
                throw new XWSSecurityException("Passed tokenReference does not contain a refElement");
            }
            if (element.getNodeType() == 1) {
                if (authorityBinding == element.getLocalName() || authorityBinding.equals(element.getLocalName())) {
                    try {
                        this.samlAuthorityBinding = element;
                    } catch (Exception e) {
                        throw new XWSSecurityException(e);
                    }
                } else {
                    this.refElement = getReferenceElementfromSoapElement((SOAPElement) element, z);
                    i++;
                }
            }
        }
    }

    public SecurityTokenReference(SOAPElement sOAPElement) throws XWSSecurityException {
        this(sOAPElement, false);
    }

    public ReferenceElement getReference() {
        return this.refElement;
    }

    public void setSamlAuthorityBinding(Element element, Document document) throws XWSSecurityException {
        if (this.samlAuthorityBinding != null) {
            throw new XWSSecurityException(" SAML AuthorityBinding element is already present");
        }
        try {
            addTextNode(Indentation.NORMAL_END_OF_LINE);
            addChildElement((SOAPElement) ((Element) document.getOwnerDocument().importNode(element, true)));
            addTextNode(Indentation.NORMAL_END_OF_LINE);
            this.samlAuthorityBinding = element;
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    public Element getSamlAuthorityBinding() {
        return this.samlAuthorityBinding;
    }

    public void setReference(ReferenceElement referenceElement) throws XWSSecurityException {
        if (this.refElement != null) {
            log.log(Level.SEVERE, "WSS0380.error.setting.reference");
            throw new XWSSecurityException("Reference element is already present");
        }
        try {
            addTextNode(Indentation.NORMAL_END_OF_LINE);
            addChildElement(referenceElement.getAsSoapElement());
            addTextNode(Indentation.NORMAL_END_OF_LINE);
            this.refElement = referenceElement;
        } catch (SOAPException e) {
            log.log(Level.SEVERE, "WSS0381.error.setting.reference");
            throw new XWSSecurityException((Throwable) e);
        }
    }

    public void setWsuId(String str) {
        setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
        setAttributeNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", MessageConstants.WSU_ID_QNAME, str);
    }

    public void setTokenType(String str) {
        setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:wsse11", MessageConstants.WSSE11_NS);
        setAttributeNS(MessageConstants.WSSE11_NS, MessageConstants.WSSE11_TOKEN_TYPE, str);
    }

    public String getTokenType() {
        return getAttributeNS(MessageConstants.WSSE11_NS, "TokenType");
    }

    public static SecurityHeaderBlock fromSoapElement(SOAPElement sOAPElement) throws XWSSecurityException {
        return SecurityHeaderBlockImpl.fromSoapElement(sOAPElement, SecurityTokenReference.class);
    }

    private ReferenceElement getReferenceElementfromSoapElement(SOAPElement sOAPElement, boolean z) throws XWSSecurityException {
        String localName = sOAPElement.getLocalName();
        if (localName.equals("KeyIdentifier")) {
            return getKeyIdentifier(sOAPElement, z);
        }
        if (localName.equals("Reference")) {
            return new DirectReference(sOAPElement, z);
        }
        if (localName.equals("X509Data")) {
            return new X509IssuerSerial(sOAPElement);
        }
        if (z && localName.equals("KeyName")) {
            throw new XWSSecurityException("Violation of BSP R3027: A SECURITY_TOKEN_REFERENCE MUST NOT use a Key Name to reference a SECURITY_TOKEN. KeyName is not supported");
        }
        log.log(Level.SEVERE, "WSS0335.unsupported.referencetype");
        XWSSecurityException xWSSecurityException = new XWSSecurityException(sOAPElement.getTagName() + " key reference type is not supported");
        throw SecurableSoapMessage.newSOAPFaultException(MessageConstants.WSSE_UNSUPPORTED_SECURITY_TOKEN, xWSSecurityException.getMessage(), xWSSecurityException);
    }

    private KeyIdentifier getKeyIdentifier(SOAPElement sOAPElement, boolean z) throws XWSSecurityException {
        String attribute = sOAPElement.getAttribute("ValueType");
        if (z && attribute.length() < 1) {
            throw new XWSSecurityException("Voilation of BSP R3054 : A wsse:KeyIdentifier element in a SECURITY_TOKEN_REFERENCE MUST specify a ValueType attribute");
        }
        String attribute2 = sOAPElement.getAttribute(ConfigurationConstants.ENCODING_TYPE_ATTRIBUTE_NAME);
        if (z && attribute2.length() < 1) {
            throw new XWSSecurityException("Voilation of BSP R3070 : A wsse:KeyIdentifier element in a SECURITY_TOKEN_REFERENCE MUST specify an EncodingType attribute. ");
        }
        if (z && !attribute2.equals(MessageConstants.BASE64_ENCODING_NS)) {
            throw new XWSSecurityException("Voilation of BSP R3071 : An EncodingType attribute on a wsse:KeyIdentifier element in a SECURITY_TOKEN_REFERENCE MUST have a value of http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
        }
        if (attribute.equals(MessageConstants.WSSE_SAML_KEY_IDENTIFIER_VALUE_TYPE) || attribute.equals(MessageConstants.WSSE_SAML_v2_0_KEY_IDENTIFIER_VALUE_TYPE)) {
            return new SamlKeyIdentifier(sOAPElement);
        }
        if (attribute.equals(MessageConstants.X509SubjectKeyIdentifier_NS) || attribute.equals(MessageConstants.X509v3SubjectKeyIdentifier_NS)) {
            return new X509SubjectKeyIdentifier(sOAPElement);
        }
        if (attribute.equals(MessageConstants.ThumbPrintIdentifier_NS)) {
            return new X509ThumbPrintIdentifier(sOAPElement);
        }
        if (attribute.equals(MessageConstants.EncryptedKeyIdentifier_NS)) {
            return new EncryptedKeySHA1Identifier(sOAPElement);
        }
        log.log(Level.SEVERE, "WSS0334.unsupported.keyidentifier");
        throw new XWSSecurityException("Unsupported KeyIdentifier Reference Type encountered");
    }

    @Override // com.sun.xml.ws.security.SecurityTokenReference
    public List getAny() {
        return null;
    }

    @Override // com.sun.xml.ws.security.SecurityTokenReference
    public void setId(String str) {
        setWsuId(str);
    }

    @Override // com.sun.xml.ws.security.Token
    public String getType() {
        return null;
    }

    @Override // com.sun.xml.ws.security.Token
    public Object getTokenValue() {
        try {
            return getAsSoapElement();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
